E-Mail authentication fight looming: Microsoft pushing Sender ID

Mon Jul 11 17:00:04 UTC 2005

On Sun, 10 Jul 2005, Suresh Ramasubramanian wrote:

> > > The second issue with boycotting, is the false positives.
> >
> > No, the *point* of the boycott is the "false positives".  ISPs *will* react
> > when their general users find themselves unable to send e-mail because the
> > entire netspace of the offending ISP is blocked (boycotted).
>
> It depends, of course, on who is doing the spam filtering.
>
> I've seen several people I respect, doing good and sensible filtering
> that is as surgical as possible, but remarkably effective given that
> this filtering is applied at 800 lb gorilla sites.

Which is exactly what I said, too.  One particular gorilla has at least
started to enforce long-established RFC "standards" that most folks blindly
ignored out of laziness for years.

> I've also seen some people, with root and/or enable on remarkably
> large networks, who don't realize that good spam filtering is not just
> knowing the syntax for "access list 101 deny" or "vi /etc/mail/access,
> then makemap hash access.db < access"., and who I wouldn't trust to be
> postmaster at etch-a-sketch, let alone on a production cluster of
> mailservers.

And this is the problem -- but then, such miserably inept admins are usually
also responsible for the *outflow*, and are thus working for a highly
intersecting set of ISPs that should be targeted for escalation, "collateral
damage", "false positive" blocking in order to get them to wake up and read
documentation for once....

-- 
-- Todd Vierling <tv at duh.org> <tv at pobox.com> <todd at vierling.name>